CVE-2021-33600
Denial of Service Vulnerability in Web Interface of F-Secure Internet Gatekeeper
Severity Score
Exploit Likelihood
Affected Versions
Public Exploits
0Exploited in Wild
-Decision
Descriptions
A denial-of-service (DoS) vulnerability was discovered in the web user interface of F-Secure Internet Gatekeeper. The vulnerability occurs because of an attacker can trigger assertion via malformed HTTP packet to web interface. An unauthenticated attacker could exploit this vulnerability by sending a large username parameter. A successful exploitation could lead to a denial-of-service of the product.
Se ha detectado una vulnerabilidad de denegación de servicio (DoS) en la interfaz de usuario web de F-Secure Internet Gatekeeper. La vulnerabilidad se produce porque un atacante puede desencadenar una aserción por medio de un paquete HTTP malformado a la interfaz web. Un atacante no autenticado podría explotar esta vulnerabilidad mediante el envío de un parámetro de nombre de usuario grande. Una explotación con éxito podría conllevar a una denegación de servicio del producto
CVSS Scores
SSVC
- Decision:-
Timeline
- 2021-05-27 CVE Reserved
- 2021-09-28 CVE Published
- 2024-06-13 EPSS Updated
- 2024-08-03 CVE Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-617: Reachable Assertion
CAPEC
References (2)
| URL | Tag | Source |
|---|
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| F-secure Search vendor "F-secure" | Internet Gatekeeper Search vendor "F-secure" for product "Internet Gatekeeper" | >= 5.10 <= 5.50.47 Search vendor "F-secure" for product "Internet Gatekeeper" and version " >= 5.10 <= 5.50.47" | - |
Affected
| ||||||